From 15e041b751c96ecf668a701d09a373d517610eae Mon Sep 17 00:00:00 2001 From: Pankul94 Date: Tue, 11 Jul 2023 09:46:48 -0700 Subject: Changes to resolve symbol conflict due to gf_mul CLA: trivial Changed names of internal functions to resolve symbol conflict when Openssl is used with intel/ISA-L. Reviewed-by: Tomas Mraz Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/21421) --- crypto/ec/curve448/arch_32/f_impl32.c | 8 +- crypto/ec/curve448/arch_64/f_impl64.c | 6 +- crypto/ec/curve448/curve448.c | 144 +++++++++++++++++----------------- crypto/ec/curve448/f_generic.c | 36 ++++----- crypto/ec/curve448/field.h | 20 ++--- 5 files changed, 107 insertions(+), 107 deletions(-) (limited to 'crypto/ec/curve448') diff --git a/crypto/ec/curve448/arch_32/f_impl32.c b/crypto/ec/curve448/arch_32/f_impl32.c index 14f7b786f4..8a7a1fdbde 100644 --- a/crypto/ec/curve448/arch_32/f_impl32.c +++ b/crypto/ec/curve448/arch_32/f_impl32.c @@ -21,7 +21,7 @@ NON_EMPTY_TRANSLATION_UNIT # include "../field.h" -void gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs) +void ossl_gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs) { const uint32_t *a = as->limb, *b = bs->limb; uint32_t *c = cs->limb; @@ -70,7 +70,7 @@ void gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs) c[1] += ((uint32_t)(accum1)); } -void gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b) +void ossl_gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b) { const uint32_t *a = as->limb; uint32_t *c = cs->limb; @@ -98,8 +98,8 @@ void gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b) c[1] += (uint32_t)(accum8 >> 28); } -void gf_sqr(gf_s * RESTRICT cs, const gf as) +void ossl_gf_sqr(gf_s * RESTRICT cs, const gf as) { - gf_mul(cs, as, as); /* Performs better with a dedicated square */ + ossl_gf_mul(cs, as, as); /* Performs better with a dedicated square */ } #endif diff --git a/crypto/ec/curve448/arch_64/f_impl64.c b/crypto/ec/curve448/arch_64/f_impl64.c index 10a9b065e5..419f8a8e65 100644 --- a/crypto/ec/curve448/arch_64/f_impl64.c +++ b/crypto/ec/curve448/arch_64/f_impl64.c @@ -21,7 +21,7 @@ NON_EMPTY_TRANSLATION_UNIT # include "../field.h" -void gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs) +void ossl_gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs) { const uint64_t *a = as->limb, *b = bs->limb; uint64_t *c = cs->limb; @@ -73,7 +73,7 @@ void gf_mul(gf_s * RESTRICT cs, const gf as, const gf bs) c[1] += ((uint64_t)(accum1)); } -void gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b) +void ossl_gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b) { const uint64_t *a = as->limb; uint64_t *c = cs->limb; @@ -99,7 +99,7 @@ void gf_mulw_unsigned(gf_s * RESTRICT cs, const gf as, uint32_t b) c[1] += accum4 >> 56; } -void gf_sqr(gf_s * RESTRICT cs, const gf as) +void ossl_gf_sqr(gf_s * RESTRICT cs, const gf as) { const uint64_t *a = as->limb; uint64_t *c = cs->limb; diff --git a/crypto/ec/curve448/curve448.c b/crypto/ec/curve448/curve448.c index bed2718ad7..914a15d77e 100644 --- a/crypto/ec/curve448/curve448.c +++ b/crypto/ec/curve448/curve448.c @@ -44,13 +44,13 @@ static void gf_invert(gf y, const gf x, int assert_nonzero) mask_t ret; gf t1, t2; - gf_sqr(t1, x); /* o^2 */ + ossl_gf_sqr(t1, x); /* o^2 */ ret = gf_isr(t2, t1); /* +-1/sqrt(o^2) = +-1/o */ (void)ret; if (assert_nonzero) assert(ret); - gf_sqr(t1, t2); - gf_mul(t2, t1, x); /* not direct to y in case of alias. */ + ossl_gf_sqr(t1, t2); + ossl_gf_mul(t2, t1, x); /* not direct to y in case of alias. */ gf_copy(y, t2); } @@ -63,23 +63,23 @@ static void point_double_internal(curve448_point_t p, const curve448_point_t q, { gf a, b, c, d; - gf_sqr(c, q->x); - gf_sqr(a, q->y); + ossl_gf_sqr(c, q->x); + ossl_gf_sqr(a, q->y); gf_add_nr(d, c, a); /* 2+e */ gf_add_nr(p->t, q->y, q->x); /* 2+e */ - gf_sqr(b, p->t); + ossl_gf_sqr(b, p->t); gf_subx_nr(b, b, d, 3); /* 4+e */ gf_sub_nr(p->t, a, c); /* 3+e */ - gf_sqr(p->x, q->z); + ossl_gf_sqr(p->x, q->z); gf_add_nr(p->z, p->x, p->x); /* 2+e */ gf_subx_nr(a, p->z, p->t, 4); /* 6+e */ if (GF_HEADROOM == 5) gf_weak_reduce(a); /* or 1+e */ - gf_mul(p->x, a, b); - gf_mul(p->z, p->t, a); - gf_mul(p->y, p->t, d); + ossl_gf_mul(p->x, a, b); + ossl_gf_mul(p->z, p->t, a); + ossl_gf_mul(p->y, p->t, d); if (!before_double) - gf_mul(p->t, b, d); + ossl_gf_mul(p->t, b, d); } void ossl_curve448_point_double(curve448_point_t p, const curve448_point_t q) @@ -108,17 +108,17 @@ static void pniels_to_pt(curve448_point_t e, const pniels_t d) gf_add(eu, d->n->b, d->n->a); gf_sub(e->y, d->n->b, d->n->a); - gf_mul(e->t, e->y, eu); - gf_mul(e->x, d->z, e->y); - gf_mul(e->y, d->z, eu); - gf_sqr(e->z, d->z); + ossl_gf_mul(e->t, e->y, eu); + ossl_gf_mul(e->x, d->z, e->y); + ossl_gf_mul(e->y, d->z, eu); + ossl_gf_sqr(e->z, d->z); } static void niels_to_pt(curve448_point_t e, const niels_t n) { gf_add(e->y, n->b, n->a); gf_sub(e->x, n->b, n->a); - gf_mul(e->t, e->y, e->x); + ossl_gf_mul(e->t, e->y, e->x); gf_copy(e->z, ONE); } @@ -128,19 +128,19 @@ static void add_niels_to_pt(curve448_point_t d, const niels_t e, gf a, b, c; gf_sub_nr(b, d->y, d->x); /* 3+e */ - gf_mul(a, e->a, b); + ossl_gf_mul(a, e->a, b); gf_add_nr(b, d->x, d->y); /* 2+e */ - gf_mul(d->y, e->b, b); - gf_mul(d->x, e->c, d->t); + ossl_gf_mul(d->y, e->b, b); + ossl_gf_mul(d->x, e->c, d->t); gf_add_nr(c, a, d->y); /* 2+e */ gf_sub_nr(b, d->y, a); /* 3+e */ gf_sub_nr(d->y, d->z, d->x); /* 3+e */ gf_add_nr(a, d->x, d->z); /* 2+e */ - gf_mul(d->z, a, d->y); - gf_mul(d->x, d->y, b); - gf_mul(d->y, a, c); + ossl_gf_mul(d->z, a, d->y); + ossl_gf_mul(d->x, d->y, b); + ossl_gf_mul(d->y, a, c); if (!before_double) - gf_mul(d->t, b, c); + ossl_gf_mul(d->t, b, c); } static void sub_niels_from_pt(curve448_point_t d, const niels_t e, @@ -149,19 +149,19 @@ static void sub_niels_from_pt(curve448_point_t d, const niels_t e, gf a, b, c; gf_sub_nr(b, d->y, d->x); /* 3+e */ - gf_mul(a, e->b, b); + ossl_gf_mul(a, e->b, b); gf_add_nr(b, d->x, d->y); /* 2+e */ - gf_mul(d->y, e->a, b); - gf_mul(d->x, e->c, d->t); + ossl_gf_mul(d->y, e->a, b); + ossl_gf_mul(d->x, e->c, d->t); gf_add_nr(c, a, d->y); /* 2+e */ gf_sub_nr(b, d->y, a); /* 3+e */ gf_add_nr(d->y, d->z, d->x); /* 2+e */ gf_sub_nr(a, d->z, d->x); /* 3+e */ - gf_mul(d->z, a, d->y); - gf_mul(d->x, d->y, b); - gf_mul(d->y, a, c); + ossl_gf_mul(d->z, a, d->y); + ossl_gf_mul(d->x, d->y, b); + ossl_gf_mul(d->y, a, c); if (!before_double) - gf_mul(d->t, b, c); + ossl_gf_mul(d->t, b, c); } static void add_pniels_to_pt(curve448_point_t p, const pniels_t pn, @@ -169,7 +169,7 @@ static void add_pniels_to_pt(curve448_point_t p, const pniels_t pn, { gf L0; - gf_mul(L0, p->z, pn->z); + ossl_gf_mul(L0, p->z, pn->z); gf_copy(p->z, L0); add_niels_to_pt(p, pn->n, before_double); } @@ -179,7 +179,7 @@ static void sub_pniels_from_pt(curve448_point_t p, const pniels_t pn, { gf L0; - gf_mul(L0, p->z, pn->z); + ossl_gf_mul(L0, p->z, pn->z); gf_copy(p->z, L0); sub_niels_from_pt(p, pn->n, before_double); } @@ -192,8 +192,8 @@ ossl_curve448_point_eq(const curve448_point_t p, gf a, b; /* equality mod 2-torsion compares x/y */ - gf_mul(a, p->y, q->x); - gf_mul(b, q->y, p->x); + ossl_gf_mul(a, p->y, q->x); + ossl_gf_mul(b, q->y, p->x); succ = gf_eq(a, b); return mask_to_bool(succ); @@ -205,15 +205,15 @@ ossl_curve448_point_valid(const curve448_point_t p) mask_t out; gf a, b, c; - gf_mul(a, p->x, p->y); - gf_mul(b, p->z, p->t); + ossl_gf_mul(a, p->x, p->y); + ossl_gf_mul(b, p->z, p->t); out = gf_eq(a, b); - gf_sqr(a, p->x); - gf_sqr(b, p->y); + ossl_gf_sqr(a, p->x); + ossl_gf_sqr(b, p->y); gf_sub(a, b, a); - gf_sqr(b, p->t); + ossl_gf_sqr(b, p->t); gf_mulw(c, b, TWISTED_D); - gf_sqr(b, p->z); + ossl_gf_sqr(b, p->z); gf_add(b, b, c); out &= gf_eq(a, b); out &= ~gf_eq(p->z, ZERO); @@ -290,26 +290,26 @@ ossl_curve448_point_mul_by_ratio_and_encode_like_eddsa( /* 4-isogeny: 2xy/(y^+x^2), (y^2-x^2)/(2z^2-y^2+x^2) */ gf u; - gf_sqr(x, q->x); - gf_sqr(t, q->y); + ossl_gf_sqr(x, q->x); + ossl_gf_sqr(t, q->y); gf_add(u, x, t); gf_add(z, q->y, q->x); - gf_sqr(y, z); + ossl_gf_sqr(y, z); gf_sub(y, y, u); gf_sub(z, t, x); - gf_sqr(x, q->z); + ossl_gf_sqr(x, q->z); gf_add(t, x, x); gf_sub(t, t, z); - gf_mul(x, t, y); - gf_mul(y, z, u); - gf_mul(z, u, t); + ossl_gf_mul(x, t, y); + ossl_gf_mul(y, z, u); + ossl_gf_mul(z, u, t); OPENSSL_cleanse(u, sizeof(u)); } /* Affinize */ gf_invert(z, z, 1); - gf_mul(t, x, z); - gf_mul(x, y, z); + ossl_gf_mul(t, x, z); + ossl_gf_mul(x, y, z); /* Encode */ enc[EDDSA_448_PRIVATE_BYTES - 1] = 0; @@ -340,15 +340,15 @@ ossl_curve448_point_decode_like_eddsa_and_mul_by_ratio( succ = gf_deserialize(p->y, enc2, 1, 0); succ &= word_is_zero(enc2[EDDSA_448_PRIVATE_BYTES - 1]); - gf_sqr(p->x, p->y); + ossl_gf_sqr(p->x, p->y); gf_sub(p->z, ONE, p->x); /* num = 1-y^2 */ gf_mulw(p->t, p->x, EDWARDS_D); /* dy^2 */ gf_sub(p->t, ONE, p->t); /* denom = 1-dy^2 or 1-d + dy^2 */ - gf_mul(p->x, p->z, p->t); + ossl_gf_mul(p->x, p->z, p->t); succ &= gf_isr(p->t, p->x); /* 1/sqrt(num * denom) */ - gf_mul(p->x, p->t, p->z); /* sqrt(num / denom) */ + ossl_gf_mul(p->x, p->t, p->z); /* sqrt(num / denom) */ gf_cond_neg(p->x, gf_lobit(p->x) ^ low); gf_copy(p->z, ONE); @@ -356,20 +356,20 @@ ossl_curve448_point_decode_like_eddsa_and_mul_by_ratio( gf a, b, c, d; /* 4-isogeny 2xy/(y^2-ax^2), (y^2+ax^2)/(2-y^2-ax^2) */ - gf_sqr(c, p->x); - gf_sqr(a, p->y); + ossl_gf_sqr(c, p->x); + ossl_gf_sqr(a, p->y); gf_add(d, c, a); gf_add(p->t, p->y, p->x); - gf_sqr(b, p->t); + ossl_gf_sqr(b, p->t); gf_sub(b, b, d); gf_sub(p->t, a, c); - gf_sqr(p->x, p->z); + ossl_gf_sqr(p->x, p->z); gf_add(p->z, p->x, p->x); gf_sub(a, p->z, d); - gf_mul(p->x, a, b); - gf_mul(p->z, p->t, a); - gf_mul(p->y, p->t, d); - gf_mul(p->t, b, d); + ossl_gf_mul(p->x, a, b); + ossl_gf_mul(p->z, p->t, a); + ossl_gf_mul(p->y, p->t, d); + ossl_gf_mul(p->t, b, d); OPENSSL_cleanse(a, sizeof(a)); OPENSSL_cleanse(b, sizeof(b)); OPENSSL_cleanse(c, sizeof(c)); @@ -424,30 +424,30 @@ ossl_x448_int(uint8_t out[X_PUBLIC_BYTES], gf_add_nr(t1, x2, z2); /* A = x2 + z2 */ /* 2+e */ gf_sub_nr(t2, x2, z2); /* B = x2 - z2 */ /* 3+e */ gf_sub_nr(z2, x3, z3); /* D = x3 - z3 */ /* 3+e */ - gf_mul(x2, t1, z2); /* DA */ + ossl_gf_mul(x2, t1, z2); /* DA */ gf_add_nr(z2, z3, x3); /* C = x3 + z3 */ /* 2+e */ - gf_mul(x3, t2, z2); /* CB */ + ossl_gf_mul(x3, t2, z2); /* CB */ gf_sub_nr(z3, x2, x3); /* DA-CB */ /* 3+e */ - gf_sqr(z2, z3); /* (DA-CB)^2 */ - gf_mul(z3, x1, z2); /* z3 = x1(DA-CB)^2 */ + ossl_gf_sqr(z2, z3); /* (DA-CB)^2 */ + ossl_gf_mul(z3, x1, z2); /* z3 = x1(DA-CB)^2 */ gf_add_nr(z2, x2, x3); /* (DA+CB) */ /* 2+e */ - gf_sqr(x3, z2); /* x3 = (DA+CB)^2 */ + ossl_gf_sqr(x3, z2); /* x3 = (DA+CB)^2 */ - gf_sqr(z2, t1); /* AA = A^2 */ - gf_sqr(t1, t2); /* BB = B^2 */ - gf_mul(x2, z2, t1); /* x2 = AA*BB */ + ossl_gf_sqr(z2, t1); /* AA = A^2 */ + ossl_gf_sqr(t1, t2); /* BB = B^2 */ + ossl_gf_mul(x2, z2, t1); /* x2 = AA*BB */ gf_sub_nr(t2, z2, t1); /* E = AA-BB */ /* 3+e */ gf_mulw(t1, t2, -EDWARDS_D); /* E*-d = a24*E */ gf_add_nr(t1, t1, z2); /* AA + a24*E */ /* 2+e */ - gf_mul(z2, t2, t1); /* z2 = E(AA+a24*E) */ + ossl_gf_mul(z2, t2, t1); /* z2 = E(AA+a24*E) */ } /* Finish */ gf_cond_swap(x2, x3, swap); gf_cond_swap(z2, z3, swap); gf_invert(z2, z2, 0); - gf_mul(x1, x2, z2); + ossl_gf_mul(x1, x2, z2); gf_serialize(out, x1, 1); nz = ~gf_eq(x1, ZERO); @@ -471,8 +471,8 @@ ossl_curve448_point_mul_by_ratio_and_encode_like_x448(uint8_t curve448_point_copy(q, p); gf_invert(q->t, q->x, 0); /* 1/x */ - gf_mul(q->z, q->t, q->y); /* y/x */ - gf_sqr(q->y, q->z); /* (y/x)^2 */ + ossl_gf_mul(q->z, q->t, q->y); /* y/x */ + ossl_gf_sqr(q->y, q->z); /* (y/x)^2 */ gf_serialize(out, q->y, 1); ossl_curve448_point_destroy(q); } diff --git a/crypto/ec/curve448/f_generic.c b/crypto/ec/curve448/f_generic.c index 7bb7df6b60..997862ec20 100644 --- a/crypto/ec/curve448/f_generic.c +++ b/crypto/ec/curve448/f_generic.c @@ -173,32 +173,32 @@ mask_t gf_isr(gf a, const gf x) { gf L0, L1, L2; - gf_sqr(L1, x); - gf_mul(L2, x, L1); - gf_sqr(L1, L2); - gf_mul(L2, x, L1); + ossl_gf_sqr(L1, x); + ossl_gf_mul(L2, x, L1); + ossl_gf_sqr(L1, L2); + ossl_gf_mul(L2, x, L1); gf_sqrn(L1, L2, 3); - gf_mul(L0, L2, L1); + ossl_gf_mul(L0, L2, L1); gf_sqrn(L1, L0, 3); - gf_mul(L0, L2, L1); + ossl_gf_mul(L0, L2, L1); gf_sqrn(L2, L0, 9); - gf_mul(L1, L0, L2); - gf_sqr(L0, L1); - gf_mul(L2, x, L0); + ossl_gf_mul(L1, L0, L2); + ossl_gf_sqr(L0, L1); + ossl_gf_mul(L2, x, L0); gf_sqrn(L0, L2, 18); - gf_mul(L2, L1, L0); + ossl_gf_mul(L2, L1, L0); gf_sqrn(L0, L2, 37); - gf_mul(L1, L2, L0); + ossl_gf_mul(L1, L2, L0); gf_sqrn(L0, L1, 37); - gf_mul(L1, L2, L0); + ossl_gf_mul(L1, L2, L0); gf_sqrn(L0, L1, 111); - gf_mul(L2, L1, L0); - gf_sqr(L0, L2); - gf_mul(L1, x, L0); + ossl_gf_mul(L2, L1, L0); + ossl_gf_sqr(L0, L2); + ossl_gf_mul(L1, x, L0); gf_sqrn(L0, L1, 223); - gf_mul(L1, L2, L0); - gf_sqr(L2, L1); - gf_mul(L0, L2, x); + ossl_gf_mul(L1, L2, L0); + ossl_gf_sqr(L2, L1); + ossl_gf_mul(L0, L2, x); gf_copy(a, L1); return gf_eq(L0, ONE); } diff --git a/crypto/ec/curve448/field.h b/crypto/ec/curve448/field.h index 0350322553..73a6c73743 100644 --- a/crypto/ec/curve448/field.h +++ b/crypto/ec/curve448/field.h @@ -54,9 +54,9 @@ static INLINE_UNUSED void gf_weak_reduce(gf inout); void gf_strong_reduce(gf inout); void gf_add(gf out, const gf a, const gf b); void gf_sub(gf out, const gf a, const gf b); -void gf_mul(gf_s * RESTRICT out, const gf a, const gf b); -void gf_mulw_unsigned(gf_s * RESTRICT out, const gf a, uint32_t b); -void gf_sqr(gf_s * RESTRICT out, const gf a); +void ossl_gf_mul(gf_s * RESTRICT out, const gf a, const gf b); +void ossl_gf_mulw_unsigned(gf_s * RESTRICT out, const gf a, uint32_t b); +void ossl_gf_sqr(gf_s * RESTRICT out, const gf a); mask_t gf_isr(gf a, const gf x); /** a^2 x = 1, QNR, or 0 if x=0. Return true if successful */ mask_t gf_eq(const gf x, const gf y); mask_t gf_lobit(const gf x); @@ -85,16 +85,16 @@ static ossl_inline void gf_sqrn(gf_s * RESTRICT y, const gf x, int n) assert(n > 0); if (n & 1) { - gf_sqr(y, x); + ossl_gf_sqr(y, x); n--; } else { - gf_sqr(tmp, x); - gf_sqr(y, tmp); + ossl_gf_sqr(tmp, x); + ossl_gf_sqr(y, tmp); n -= 2; } for (; n; n -= 2) { - gf_sqr(tmp, y); - gf_sqr(y, tmp); + ossl_gf_sqr(tmp, y); + ossl_gf_sqr(y, tmp); } } @@ -122,9 +122,9 @@ static ossl_inline void gf_subx_nr(gf c, const gf a, const gf b, int amt) static ossl_inline void gf_mulw(gf c, const gf a, int32_t w) { if (w > 0) { - gf_mulw_unsigned(c, a, w); + ossl_gf_mulw_unsigned(c, a, w); } else { - gf_mulw_unsigned(c, a, -w); + ossl_gf_mulw_unsigned(c, a, -w); gf_sub(c, ZERO, c); } } -- cgit v1.2.3